I have a site with just one file: index.htm witch have some ajax linked
to php files. I’d like to make thouse php files only accessable via ajax
(post and get) coming from this index file and block access to all files
but the index.htm. Is it possible in Nginx? Thanks.
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,176352,176352#msg-176352
On Fri, Feb 18, 2011 at 9:00 AM, atipico [email protected] wrote:
I have a site with just one file: index.htm witch have some ajax linked
to php files. I’d like to make thouse php files only accessable via ajax
(post and get) coming from this index file and block access to all files
but the index.htm. Is it possible in Nginx? Thanks.
location = /index.htm {
root …
…
}
location / { return 404; }
On 02/18/2011 10:59 AM, Edho P Arief wrote:
location / { return 404; }
nginx mailing list
[email protected]
http://nginx.org/mailman/listinfo/nginx
using ajax cannot get correct response either.
you can protect information by COOKIE:
location = /index.htm {
root …
add_header Set-Cookie allow=true;
}
location / {
if ($COOKIE_allow = true ) {…}
return 404;
}
Please, Tony, just to clarify: when you say “protect information by
COOKIE”, are talking about this?
http://nginx.org/pipermail/nginx/2009-June/012857.html
Thanks!
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,176352,176415#msg-176415
I think this is the pointed solution, isn’t it?
http://nginx.org/pipermail/nginx/2009-June/012814.html
http://wiki.nginx.org/HttpUserIdModule
Thanks!
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,176352,176416#msg-176416
On 02/18/2011 06:15 PM, atipico wrote:
nginx mailing list
[email protected]
http://nginx.org/mailman/listinfo/nginx
no, you cannot protect anything in nginx, its just a first step
protection. your server should support session.
and $http_referer needs to be checked.
But how to work with sessions if my first page is a static page? Should
I create a session via Ajax?
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,176352,176432#msg-176432
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs